CVE-2017-5452

Summary

Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 53affected

Weaknesses

  • Addressbar spoofing during scrolling with editable content on Firefox for Android

ADP Enrichment

CVE Program Container

Additional References

References